Blogs

Showing Blog Posts: 51–60 of 186 tagged Cybersecurity

Every organization has external software, hardware and 3rd-party vendors they have to deal with. In many cases, these vendors will have direct access to the corporate networks, confidential and proprietary data and more. Often the software and hardware solutions are critical to the infrastructure and security of the organization. If the vendors don’t have effective information security and…

Had Locked Down: Information Security for Lawyers not been published by the American Bar Association (ABA) and 2 of its 3 authors not been attorneys, one would have thought the book is a reproach against attorneys for their obliviousness towards information security and privacy. In numerous places, the book notes that lawyers are often clueless when it comes to digital security. With that, the…

Behind nearly every security vulnerability is poorly written or insecure code. Fix the code and a majority of the security vulnerabilities go away. In the just-released 2nd edition of Secure Coding in C and C++, author Robert Seacord of CERT has created an invaluable resource for developers. Research from OWASP and CERT shows that a lion's share of core vulnerabilities can be found in a small…

Like all books on metrics, PRAGMATIC Security Metrics: Applying Metametrics to Information Security makes the statement early on that “you can't manage what you can't measure”. The authors claim that other books on information security metrics discuss number theory and statistics in academic terms. This title promises to be light on mathematics and heavy on utility and is meant as a…

It’s not unusual for cybersecurity vendors to time new product announcements and major initiatives to coincide with the RSA Security Conference. Similarly, major threat reports, such as Mandiant’s APT1 Report, are often released to gain maximum exposure at RSA. But now it seems the White House has gotten into the act with its release of the Cybersecurity Executive Order, or so the conspiracy…

While at the RSA Conference this week, the nice people at Tripwire gave me a copy of their CTO’s book The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win. The theme of the book is that Bill is an IT manager at Parts Unlimited. The company's new IT initiative, code named Phoenix Project, is critical to the future of Parts Unlimited, but the project is massively over budget…
